Meta / Instagram · Data Breach
Hackers Used Meta’s AI Support Bot to Seize Over 20,000 Instagram Accounts
A bug in Meta’s High Touch Support tool let attackers bypass email verification and reset passwords on accounts they never owned — exposing how a single code-path flaw can weaponize an AI assistant.
What Happened
Meta has confirmed that attackers hijacked more than 20,000 Instagram accounts by exploiting a flaw in High Touch Support (HTS), the company’s AI-assisted account recovery system. HTS was designed to help locked-out users regain access to their accounts — but a bug in a separate code path made it the attack surface.
Breach window: April 17 to May 31, 2026
The breach first surfaced publicly when videos appeared on Telegram showing attackers walking through a surprisingly simple process: connect through a VPN exit near the target’s home city so the request does not trip Instagram’s geographic safeguards, open a chat with the AI support assistant, and ask the bot to link the target account to a new email address. The bot would then send a password reset link to the attacker’s email, granting immediate access.
The Technical Cause
Meta’s HTS tool works by allowing users to request password reset links through the support workflow. The flaw was not in the AI model itself, but in adjacent infrastructure:
“The tool itself worked properly and functioned as intended; however due to a bug in a separate code path, the system did not properly verify that the email address provided by the individual requesting a password reset matched the email address associated with that user’s Instagram account.” — Amber Hannah, Associate General Counsel, Incident Response Legal, Meta
In other words, the AI assistant faithfully processed each request, but the broken verification step behind it never checked whether the requester’s email matched the one on file for the account. Only accounts without two-factor authentication (2FA) were successfully compromised; for accounts with 2FA enabled, the second factor was a barrier the attackers could not bypass.
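To make the defect concrete, here is an added example in Python that is not Meta’s code and is not taken from this article: a toy recovery handler that skips the ownership check the way the quoted description says the broken code path did, beside a hardened version that compares the supplied email with the one on file, requires a second factor for 2FA-enrolled accounts, binds the reset token to the address on file rather than the requester’s input, and supports the global invalidation of outstanding reset links of the kind Meta performed. The account names, addresses, the `RecoveryService` API and the 15-minute token lifetime are all constructed for the demonstration.

```python
import hmac
import secrets
import time
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class Account:
    username: str
    email: str      # email on file for the account
    has_2fa: bool   # whether the owner has enrolled a second factor


# Constructed sample accounts (hypothetical, not real Instagram data).
ACCOUNTS: Dict[str, Account] = {
    "shorthandle": Account("shorthandle", "owner@example.com", has_2fa=False),
    "securehandle": Account("securehandle", "owner2@example.com", has_2fa=True),
}


def normalize_email(addr: str) -> str:
    """Canonicalize before comparing: trim whitespace, lowercase."""
    return addr.strip().lower()


def request_reset_vulnerable(username: str, requester_email: str) -> Optional[str]:
    """The bug class described above: returns the address the reset link is mailed to.

    The account is looked up, but the email the requester typed is never compared
    with the email on file, so the link goes wherever the requester asked.
    """
    if username not in ACCOUNTS:
        return None
    return normalize_email(requester_email)   # BUG: no ownership check


@dataclass
class ResetToken:
    username: str
    email: str       # always the address on file, never the requester's input
    issued_at: float
    value: str = field(default_factory=lambda: secrets.token_urlsafe(32))


class RecoveryService:
    """Hardened flow (hypothetical API): ownership check, 2FA step-up,
    single-use expiring tokens, and a global revocation cutoff for the
    'invalidate all existing links' step."""

    TOKEN_TTL = 15 * 60  # seconds; assumed lifetime for the demo

    def __init__(self, accounts: Dict[str, Account]) -> None:
        self.accounts = accounts
        self.issued: Dict[str, ResetToken] = {}
        self.revoke_before = 0.0  # tokens issued before this timestamp are dead

    def request_reset(self, username: str, requester_email: str,
                      second_factor_ok: bool = False,
                      now: Optional[float] = None) -> Optional[ResetToken]:
        now = time.time() if now is None else now
        account = self.accounts.get(username)
        if account is None:
            return None
        # The ownership check the vulnerable path skipped: compare canonical forms.
        supplied = normalize_email(requester_email).encode()
        on_file = normalize_email(account.email).encode()
        if not hmac.compare_digest(supplied, on_file):
            return None
        # Step-up: a 2FA-enrolled account must also prove the second factor first.
        if account.has_2fa and not second_factor_ok:
            return None
        token = ResetToken(username, on_file.decode(), now)
        self.issued[token.value] = token
        return token

    def redeem(self, token_value: str, now: Optional[float] = None) -> Optional[str]:
        """Returns the username whose password may now be reset, or None."""
        now = time.time() if now is None else now
        token = self.issued.pop(token_value, None)  # single use: consumed on lookup
        if token is None:
            return None
        if token.issued_at < self.revoke_before:
            return None  # issued before the global revocation cutoff
        if now - token.issued_at > self.TOKEN_TTL:
            return None  # expired
        return token.username

    def revoke_all(self, now: Optional[float] = None) -> None:
        """Kill every token issued so far, the step Meta took on discovery."""
        self.revoke_before = time.time() if now is None else now
```

The vulnerable function answers the attacker’s request with the attacker’s own address; the hardened service refuses it, refuses a correct address on a 2FA account until the second factor is presented, and rejects any link issued before `revoke_all()` was called, which is the property a platform needs when it has to kill every outstanding reset link at once.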
Who Was Targeted
According to security journalist Brian Krebs (KrebsOnSecurity), attackers went after two categories of accounts: high-profile handles for their propaganda value, and short, valuable usernames that command high prices on underground markets.
Compromised accounts included the Obama-era White House Instagram page (inactive since 2017) and the account of U.S. Space Force Chief Master Sergeant John Bentivegna. Security researcher Jane Wong also reported her account was taken over. Pro-Iran messaging was reportedly posted on several of the seized accounts, and the Telegram channel behind the attacks claimed the short usernames seized had a collective resale value exceeding half a million dollars.
Timeline of Events
April 17, 2026
Breach begins. Attackers start exploiting the HTS email verification flaw to hijack accounts.
Late May / Early June 2026
Reports emerge on Reddit, X, and Telegram. Videos documenting the attack method are shared publicly.
May 31, 2026
Meta confirms discovery of the breach internally.
May 31, 2026 (same day)
Meta disables AI-assisted support tools, invalidates existing password reset links generated through HTS, and removes the vulnerable code pathway.
June 2026
Meta files a data breach notice with Maine’s Office of the Attorney General covering 20,225 affected accounts. Authorities are notified per regulatory requirements.
What Data May Have Been Exposed
Meta states it has no confirmation of what personal data was actually accessed or whether it was accessed at all. However, the breach notice acknowledges that attackers with account access could have viewed:
Contact information (email address and/or phone number) · Dates of birth · Social media posts, photos, videos, and stories · Direct messages and communications · Account activity and history · Information from linked accounts and third-party services
Meta’s Response
“We have fixed this issue, protected affected accounts, and restored user access. While some of our internal backend checks failed this time, this was not due to the AI agent itself, and the root cause has already been addressed. In accordance with regulations, we have notified the authorities of this issue and will formally notify those who may have been affected.” — Meta spokesperson
Beyond the immediate shutdown of HTS, Meta says it is conducting a broader review of similar account recovery flows across all its platforms to identify and patch comparable vulnerabilities. The company framed the failure as an infrastructure bug rather than an AI reasoning failure — the model did what it was told; the surrounding verification logic did not.
The Broader Warning
The attack arrives at a moment when the security community is actively debating how AI changes the threat landscape. Researchers have warned of AI-powered worms capable of spreading with minimal human intervention, and Google has identified cybercrime groups apparently using AI to discover zero-day vulnerabilities. This breach, however, illustrates a different and more immediate risk.
The incident is a reminder that as AI tools take on higher-stakes roles — account recovery, identity verification, customer support — every code path they touch becomes part of the attack surface. Two-factor authentication remains one of the most reliable defenses available to users; all accounts without 2FA were vulnerable, while those with it were not successfully hijacked.
